Cambuli Francesco
UniCa About Professors and Researchers Francesco Cambuli Research Research outcomes (IRIS)

Francesco Cambuli

An Assessment of the Overlooked Dangers of Template Engines

Pisu, Lorenzo
;Maiorca, Davide;Giacinto, Giorgio
2026-01-01

Abstract

Template engines play a pivotal role in modern web application development by enabling the dynamic rendering of content, products, and user interfaces. Today, they are essential for any website that handles dynamic data, from e-commerce to social media. However, their widespread adoption also makes them attractive targets for attackers seeking to exploit vulnerabilities and gain unauthorized access to web servers. This paper presents a comprehensive assessment of the risks associated with template engines, with a particular focus on the consequences of Server-Side Template Injection (SSTI) and the ease with which such vulnerabilities can escalate to Remote Code Execution (RCE), a critical security concern in web application development.
2026
Inglese
ACM TRANSACTIONS ON THE WEB
1
32
32
https://dl.acm.org/doi/10.1145/3799796
Esperti anonimi
scientifica
Template Engine; Server-Side Template Injection; SSTI
no
Pisu, Lorenzo; Maiorca, Davide; Giacinto, Giorgio
1.1 Articolo in rivista
info:eu-repo/semantics/article
1 Contributo su Rivista::1.1 Articolo in rivista
262
3
partially_open
Files in This Item:
File Size Format  
3799796 (2).pdf

Solo gestori archivio

Type: versione pre-print
Size 538.83 kB
Format Adobe PDF
& nbsp; View / Open   Request a copy
538.83 kB Adobe PDF & nbsp; View / Open   Request a copy
3799796.pdf

open access

Type: Author’s Accepted Manuscript AAM, Post-print, (version accepted by the publisher)
Size 471.88 kB
Format Adobe PDF
View/Open
471.88 kB Adobe PDF View/Open

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

Questionnaire and social

Share on:
Impostazioni cookie